Client Authorization/Client Token

A client token is a signed data blob that includes configuration and authorization information required by the Braintree client SDK. These should not be reused; a new client token should be generated for each request that's sent to Braintree. For security, we will revoke client tokens if they are reused excessively within a short time period.

Your server is responsible for generating the client token, which contains all of the necessary configuration information to set up the client SDKs. When your server provides a client token to your client, it authenticates the application to communicate directly to Braintree.